Statistical Inference Attack Against PHY-layer Key Extraction and Countermeasures

TL;DR

This paper analyzes statistical inference attacks on PHY-layer key extraction using machine learning without assuming link correlation, demonstrating effective key recovery and proposing a countermeasure that enhances randomness and security.

Contribution

It introduces ML-based inference attacks that do not rely on link correlation assumptions and proposes a new countermeasure, FBCH, to improve key extraction security.

Findings

ML algorithms effectively infer link signatures without correlation assumptions

Inference algorithms significantly reduce key search space

FBCH protocol enhances randomness and resists inference attacks

Abstract

The formal theoretical analysis on channel correlations in both real indoor and outdoor environments are provided in this paper. Moreover, this paper studies empirical statistical inference attacks (SIA) against LSB key extraction, whereby an adversary infers the signature of a target link. Consequently, the secret key extracted from that signature has been recovered by observing the surrounding links. Prior work assumes theoretical link-correlation models for the inference, in contrast, our study does not make any assumption on link correlation. Instead, we take machine learning (ML) methods for link inference based on empirically measured link signatures. ML algorithms have been developed to launch SIAs under various realistic scenarios. Our experimental results have shown that the proposed inference algorithms are still quite effective even without making assumptions on link correlation. In addition, our inference algorithms can reduce the key search space by many orders of magnitudes compared to brute force search. We further propose a countermeasure against the statistical inference attacks, FBCH (forward-backward cooperative key extraction protocol with helpers). In the FBCH, helpers (other trusted wireless nodes) are introduced to provide more randomness in the key extraction. Our experiment results verify the effectiveness of the proposed protocol.